Ansible bitbucket 克隆 repo 配置 ssh 错误 [英] Ansible bitbucket clone repo provisioning ssh error

问题描述

我以前发布过这个问题，但那里的答案不再有效.

I have previously posted this question but the answer there no longer works.

总而言之，在使用 Ansible 配置我的 vagrant box 时，我在尝试使用 ssh 克隆我的 bitbucket 私有存储库时遇到了一个神秘的错误.错误指出权限被拒绝(公钥)".

In summary, When provisioning my vagrant box using Ansible, I get thrown a mysterious error when trying to clone my bitbucket private repo using ssh. The error states "Permission denied (publickey)".

然而，如果我 vagrant ssh 然后运行 ​​'git clone' 命令，私有仓库就被成功克隆了.这表明 ssh 转发代理确实在工作，流浪盒可以访问我与 bitbucket 存储库关联的私钥.

Yet if I vagrant ssh and then run the 'git clone' command, the private repo is successfully cloned. This indicates that the ssh forward agent is indeed working and the vagrant box can access my private key associated with the bitbucket repo.

我已经在这个问题上苦苦挣扎了两天，现在正在失去理智！请有人帮帮我！！！

I have been struggling for two days on this issue and am loosing my mind! Please, somebody help me!!!

流浪文件:

Vagrant.configure("2") do |config|
  config.vm.box = "ubuntu/xenial64"
  config.vm.network "private_network", ip: "192.168.33.14"
  config.ssh.forward_agent = true

  config.vm.provider "virtualbox" do |vb|
    vb.memory = "1824"
  end

  # Only contains ansible dependencies
  config.vm.provision "shell",
    inline: "sudo apt-get install python-minimal -y"

end

我的 playbook.yml 如下:

---

- hosts: all
  become: true

  tasks:
    - name: create /var/www/ directory
      file: dest=/var/www/ state=directory owner=ubuntu group=www-data mode=0755

    - name: Add the user 'ubuntu' to group 'www-data'
      user:
        name: ubuntu
        shell: /bin/bash
        groups: www-data
        append: yes

    - name: Clone [My-Repo] bitbucket repo
      become: false
      git: 
        repo: git@bitbucket.org:[Username]/[My-Repo].com.git
        dest: /var/www/poo
        version: master
        accept_hostkey: yes

错误信息:ansible-playbook playbook.yml

Error Message: ansible-playbook playbook.yml

fatal: [192.168.33.14]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin '' /var/www/poo", "failed": true, "msg": "Cloning into '/var/www/poo'...
Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.", "rc": 128, "stderr": "Cloning into '/var/www/poo'...
Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
", "stderr_lines": ["Cloning into '/var/www/poo'...", "Permission denied (publickey).", "fatal: Could not read from remote repository.", "", "Please make sure you have the correct access rights", "and the repository exists."], "stdout": "", "stdout_lines": []}

附加信息:

• ssh-add -l 在我的机器上确实包含相关的 bitbucket 存储库密钥.
• ssh-add -l 在 vagrant 框内也包含相关的 bitbucket 存储库密钥(通过 ssh-forwarding).

• ssh-add -l on my machine does contain the associated bitbucket repo key.
• ssh-add -l inside the vagrant box does also contain the associated bitbucket repo key (through ssh-forwarding).

如果在 vagrant box 中手动完成克隆操作?:

vagrant ssh
git clone git@bitbucket.org:myusername/myprivaterepo.com.git
Then type "yes" to allow the RSA fingerprint to be added to ~/.ssh/known_hosts (as its first connection with bitbucket)

非常感谢您的帮助，并感谢您阅读我的噩梦.

Any help is greatly appreciated and thanks for reading my nightmare.

推荐答案

这通常意味着 Ansible 不会尝试使用与使用 vagrant ssh 的用户相同的用户克隆存储库.

This generally means Ansible is not trying to clone the repo with the same user than the one use with vagrant ssh.

更好地调试正在发生的事情的一个技巧是运行命令:

One trick to better debug what is going on is to run the command:

GIT_SSH_COMMAND='ssh -v' git clone ...

这样，您将确切地看到尝试了哪些 ssh 密钥.

That way, you will see exactly which ssh keys are tried.

正如 kostix 建议的那样 在评论中，添加id(或id -a) 在 Ansible 命令中也会有帮助.

As kostix suggests in the comments, adding the id (or id -a) in the Ansible commands would be helpful too.

OP Gustavmahler 确认 在评论中:

您是对的:Ansible 将存储库克隆为与我预期不同的用户.
我添加了以下修复任务的内容:

You were right: Ansible was cloning the repo as a different user than the one I expected.
I added the following which fixed the task:

become: true 
become_user: vagrant 

这篇关于Ansible bitbucket 克隆 repo 配置 ssh 错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！